Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-26545 (GCVE-0-2023-26545)
Vulnerability from cvelistv5 – Published: 2023-02-25 00:00 – Updated: 2025-03-20 20:45
VLAI
EPSS
Summary
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
Severity
4.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-415 - Double Free
Assigner
References
6 references
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:53:53.581Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/fda6c89fe3d9aca073495a664e1d5aea28cd4377"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fda6c89fe3d9aca073495a664e1d5aea28cd4377"
},
{
"tags": [
"x_transferred"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.13"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230316-0009/"
},
{
"name": "[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html"
},
{
"name": "[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-26545",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:57:11.643164Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-415",
"description": "CWE-415 Double Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T20:45:02.001Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-03T13:06:27.227Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/torvalds/linux/commit/fda6c89fe3d9aca073495a664e1d5aea28cd4377"
},
{
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fda6c89fe3d9aca073495a664e1d5aea28cd4377"
},
{
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.13"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230316-0009/"
},
{
"name": "[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html"
},
{
"name": "[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-26545",
"datePublished": "2023-02-25T00:00:00.000Z",
"dateReserved": "2023-02-25T00:00:00.000Z",
"dateUpdated": "2025-03-20T20:45:02.001Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-26545",
"date": "2026-06-06",
"epss": "0.00015",
"percentile": "0.03475"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-26545\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-02-25T04:15:10.127\",\"lastModified\":\"2025-06-25T20:54:48.233\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-415\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-415\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.1\",\"versionEndExcluding\":\"6.1.13\",\"matchCriteriaId\":\"34E7B01C-B8DC-4B6E-B51E-A7DFD70FA1F4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6770B6C3-732E-4E22-BF1C-2D2FD610061C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9C8C20-42EB-4AB5-BD97-212DEB070C43\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FFF7106-ED78-49BA-9EC5-B889E3685D53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E63D8B0F-006E-4801-BF9D-1C001BBFB4F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56409CEC-5A1E-4450-AA42-641E459CC2AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B06F4839-D16A-4A61-9BB5-55B13F41E47F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0B4AD8A-F172-4558-AEC6-FF424BA2D912\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8497A4C9-8474-4A62-8331-3FE862ED4098\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDF61B7-EC5C-467C-B710-B89F502CD04F\"}]}]}],\"references\":[{\"url\":\"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.13\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fda6c89fe3d9aca073495a664e1d5aea28cd4377\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\"]},{\"url\":\"https://github.com/torvalds/linux/commit/fda6c89fe3d9aca073495a664e1d5aea28cd4377\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20230316-0009/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fda6c89fe3d9aca073495a664e1d5aea28cd4377\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\"]},{\"url\":\"https://github.com/torvalds/linux/commit/fda6c89fe3d9aca073495a664e1d5aea28cd4377\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20230316-0009/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/torvalds/linux/commit/fda6c89fe3d9aca073495a664e1d5aea28cd4377\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fda6c89fe3d9aca073495a664e1d5aea28cd4377\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.13\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20230316-0009/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html\", \"name\": \"[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html\", \"name\": \"[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T11:53:53.581Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-26545\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-06T15:57:11.643164Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-415\", \"description\": \"CWE-415 Double Free\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-06T15:57:13.067Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/torvalds/linux/commit/fda6c89fe3d9aca073495a664e1d5aea28cd4377\"}, {\"url\": \"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fda6c89fe3d9aca073495a664e1d5aea28cd4377\"}, {\"url\": \"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.13\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20230316-0009/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html\", \"name\": \"[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html\", \"name\": \"[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update\", \"tags\": [\"mailing-list\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2023-05-03T13:06:27.227Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-26545\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-20T20:45:02.001Z\", \"dateReserved\": \"2023-02-25T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2023-02-25T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
SUSE-SU-2023:0852-1
Vulnerability from csaf_suse - Published: 2023-03-21 12:36 - Updated: 2023-03-21 12:36Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. (bsc#1205711)
- CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bsc#1194535).
- CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).
- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).
- CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query() (bsc#1203331).
- CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332).
- CVE-2023-0045: Fixed missing Flush IBP in ib_prctl_set (bsc#1207773).
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).
The following non-security bugs were fixed:
- kabi/severities: add l2tp local symbols
Patchnames: SUSE-2023-852,SUSE-OpenStack-Cloud-9-2023-852,SUSE-OpenStack-Cloud-Crowbar-9-2023-852,SUSE-SLE-HA-12-SP4-2023-852,SUSE-SLE-Live-Patching-12-SP4-2023-852,SUSE-SLE-SERVER-12-SP4-ESPOS-2023-852,SUSE-SLE-SERVER-12-SP4-LTSS-2023-852
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.8 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.2 (High)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.7 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
50 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. (bsc#1205711)\n- CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bsc#1194535).\n- CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).\n- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).\n- CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query() (bsc#1203331).\n- CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332).\n- CVE-2023-0045: Fixed missing Flush IBP in ib_prctl_set (bsc#1207773).\n- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).\n- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).\n\nThe following non-security bugs were fixed:\n\n- kabi/severities: add l2tp local symbols\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-852,SUSE-OpenStack-Cloud-9-2023-852,SUSE-OpenStack-Cloud-Crowbar-9-2023-852,SUSE-SLE-HA-12-SP4-2023-852,SUSE-SLE-Live-Patching-12-SP4-2023-852,SUSE-SLE-SERVER-12-SP4-ESPOS-2023-852,SUSE-SLE-SERVER-12-SP4-LTSS-2023-852",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0852-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:0852-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230852-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:0852-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/014114.html"
},
{
"category": "self",
"summary": "SUSE Bug 1191881",
"url": "https://bugzilla.suse.com/1191881"
},
{
"category": "self",
"summary": "SUSE Bug 1194535",
"url": "https://bugzilla.suse.com/1194535"
},
{
"category": "self",
"summary": "SUSE Bug 1201420",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "self",
"summary": "SUSE Bug 1203331",
"url": "https://bugzilla.suse.com/1203331"
},
{
"category": "self",
"summary": "SUSE Bug 1203332",
"url": "https://bugzilla.suse.com/1203332"
},
{
"category": "self",
"summary": "SUSE Bug 1205711",
"url": "https://bugzilla.suse.com/1205711"
},
{
"category": "self",
"summary": "SUSE Bug 1207051",
"url": "https://bugzilla.suse.com/1207051"
},
{
"category": "self",
"summary": "SUSE Bug 1207773",
"url": "https://bugzilla.suse.com/1207773"
},
{
"category": "self",
"summary": "SUSE Bug 1207795",
"url": "https://bugzilla.suse.com/1207795"
},
{
"category": "self",
"summary": "SUSE Bug 1208700",
"url": "https://bugzilla.suse.com/1208700"
},
{
"category": "self",
"summary": "SUSE Bug 1209188",
"url": "https://bugzilla.suse.com/1209188"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4203 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2991 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-36280 page",
"url": "https://www.suse.com/security/cve/CVE-2022-36280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-38096 page",
"url": "https://www.suse.com/security/cve/CVE-2022-38096/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4129 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0045 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0590 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-23559 page",
"url": "https://www.suse.com/security/cve/CVE-2023-23559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-26545 page",
"url": "https://www.suse.com/security/cve/CVE-2023-26545/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2023-03-21T12:36:10Z",
"generator": {
"date": "2023-03-21T12:36:10Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:0852-1",
"initial_release_date": "2023-03-21T12:36:10Z",
"revision_history": [
{
"date": "2023-03-21T12:36:10Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-95.120.4.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-95.120.4.aarch64",
"product_id": "cluster-md-kmp-default-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-95.120.4.aarch64",
"product": {
"name": "dlm-kmp-default-4.12.14-95.120.4.aarch64",
"product_id": "dlm-kmp-default-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-95.120.4.aarch64",
"product": {
"name": "gfs2-kmp-default-4.12.14-95.120.4.aarch64",
"product_id": "gfs2-kmp-default-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-default-4.12.14-95.120.4.aarch64",
"product_id": "kernel-default-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-default-base-4.12.14-95.120.4.aarch64",
"product_id": "kernel-default-base-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-default-devel-4.12.14-95.120.4.aarch64",
"product_id": "kernel-default-devel-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-default-extra-4.12.14-95.120.4.aarch64",
"product_id": "kernel-default-extra-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-default-kgraft-4.12.14-95.120.4.aarch64",
"product_id": "kernel-default-kgraft-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.aarch64",
"product_id": "kernel-default-kgraft-devel-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-obs-build-4.12.14-95.120.4.aarch64",
"product_id": "kernel-obs-build-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-95.120.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.12.14-95.120.1.aarch64",
"product_id": "kernel-obs-qa-4.12.14-95.120.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-syms-4.12.14-95.120.4.aarch64",
"product_id": "kernel-syms-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-vanilla-4.12.14-95.120.4.aarch64",
"product_id": "kernel-vanilla-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-vanilla-base-4.12.14-95.120.4.aarch64",
"product_id": "kernel-vanilla-base-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-95.120.4.aarch64",
"product_id": "kernel-vanilla-devel-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.aarch64",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-95.120.4.aarch64",
"product": {
"name": "kselftests-kmp-default-4.12.14-95.120.4.aarch64",
"product_id": "kselftests-kmp-default-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-95.120.4.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-95.120.4.aarch64",
"product_id": "ocfs2-kmp-default-4.12.14-95.120.4.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-95.120.4.noarch",
"product": {
"name": "kernel-devel-4.12.14-95.120.4.noarch",
"product_id": "kernel-devel-4.12.14-95.120.4.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-95.120.6.noarch",
"product": {
"name": "kernel-docs-4.12.14-95.120.6.noarch",
"product_id": "kernel-docs-4.12.14-95.120.6.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-95.120.6.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-95.120.6.noarch",
"product_id": "kernel-docs-html-4.12.14-95.120.6.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-95.120.4.noarch",
"product": {
"name": "kernel-macros-4.12.14-95.120.4.noarch",
"product_id": "kernel-macros-4.12.14-95.120.4.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-95.120.4.noarch",
"product": {
"name": "kernel-source-4.12.14-95.120.4.noarch",
"product_id": "kernel-source-4.12.14-95.120.4.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-95.120.4.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-95.120.4.noarch",
"product_id": "kernel-source-vanilla-4.12.14-95.120.4.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"product_id": "cluster-md-kmp-default-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"product": {
"name": "dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"product_id": "dlm-kmp-default-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"product_id": "gfs2-kmp-default-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-debug-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-debug-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-debug-base-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-debug-base-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-debug-devel-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-debug-devel-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-devel-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-debug-kgraft-devel-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-debug-kgraft-devel-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-default-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-default-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-default-base-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-default-base-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-default-devel-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-default-devel-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-default-extra-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-default-extra-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-default-kgraft-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-obs-build-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-obs-build-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-95.120.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.12.14-95.120.1.ppc64le",
"product_id": "kernel-obs-qa-4.12.14-95.120.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-syms-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-syms-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-vanilla-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-vanilla-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-vanilla-base-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-vanilla-devel-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"product_id": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kselftests-kmp-default-4.12.14-95.120.4.ppc64le",
"product_id": "kselftests-kmp-default-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"product_id": "ocfs2-kmp-default-4.12.14-95.120.4.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"product": {
"name": "cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"product_id": "cluster-md-kmp-default-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-95.120.4.s390x",
"product": {
"name": "dlm-kmp-default-4.12.14-95.120.4.s390x",
"product_id": "dlm-kmp-default-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-95.120.4.s390x",
"product": {
"name": "gfs2-kmp-default-4.12.14-95.120.4.s390x",
"product_id": "gfs2-kmp-default-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-default-4.12.14-95.120.4.s390x",
"product_id": "kernel-default-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-default-base-4.12.14-95.120.4.s390x",
"product_id": "kernel-default-base-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-default-devel-4.12.14-95.120.4.s390x",
"product_id": "kernel-default-devel-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-default-extra-4.12.14-95.120.4.s390x",
"product_id": "kernel-default-extra-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-default-kgraft-4.12.14-95.120.4.s390x",
"product_id": "kernel-default-kgraft-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"product_id": "kernel-default-kgraft-devel-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-default-man-4.12.14-95.120.4.s390x",
"product_id": "kernel-default-man-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-obs-build-4.12.14-95.120.4.s390x",
"product_id": "kernel-obs-build-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-95.120.1.s390x",
"product": {
"name": "kernel-obs-qa-4.12.14-95.120.1.s390x",
"product_id": "kernel-obs-qa-4.12.14-95.120.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-syms-4.12.14-95.120.4.s390x",
"product_id": "kernel-syms-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-vanilla-4.12.14-95.120.4.s390x",
"product_id": "kernel-vanilla-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-vanilla-base-4.12.14-95.120.4.s390x",
"product_id": "kernel-vanilla-base-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-vanilla-devel-4.12.14-95.120.4.s390x",
"product_id": "kernel-vanilla-devel-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.s390x",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-zfcpdump-4.12.14-95.120.4.s390x",
"product_id": "kernel-zfcpdump-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-man-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-zfcpdump-man-4.12.14-95.120.4.s390x",
"product_id": "kernel-zfcpdump-man-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"product": {
"name": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"product_id": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-95.120.4.s390x",
"product": {
"name": "kselftests-kmp-default-4.12.14-95.120.4.s390x",
"product_id": "kselftests-kmp-default-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"product": {
"name": "ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"product_id": "ocfs2-kmp-default-4.12.14-95.120.4.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"product_id": "cluster-md-kmp-default-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-95.120.4.x86_64",
"product": {
"name": "dlm-kmp-default-4.12.14-95.120.4.x86_64",
"product_id": "dlm-kmp-default-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"product": {
"name": "gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"product_id": "gfs2-kmp-default-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-debug-4.12.14-95.120.4.x86_64",
"product_id": "kernel-debug-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-95.120.4.x86_64",
"product_id": "kernel-debug-base-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-95.120.4.x86_64",
"product_id": "kernel-debug-devel-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-devel-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-debug-kgraft-devel-4.12.14-95.120.4.x86_64",
"product_id": "kernel-debug-kgraft-devel-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-default-4.12.14-95.120.4.x86_64",
"product_id": "kernel-default-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-95.120.4.x86_64",
"product_id": "kernel-default-base-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-95.120.4.x86_64",
"product_id": "kernel-default-devel-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-default-extra-4.12.14-95.120.4.x86_64",
"product_id": "kernel-default-extra-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"product_id": "kernel-default-kgraft-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"product_id": "kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-95.120.4.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-95.120.4.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-95.120.4.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-kgraft-devel-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-kvmsmall-kgraft-devel-4.12.14-95.120.4.x86_64",
"product_id": "kernel-kvmsmall-kgraft-devel-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-95.120.4.x86_64",
"product_id": "kernel-obs-build-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-95.120.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-95.120.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-95.120.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-syms-4.12.14-95.120.4.x86_64",
"product_id": "kernel-syms-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-95.120.4.x86_64",
"product_id": "kernel-vanilla-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-95.120.4.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-95.120.4.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.x86_64",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"product_id": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-95.120.4.x86_64",
"product": {
"name": "kselftests-kmp-default-4.12.14-95.120.4.x86_64",
"product_id": "kselftests-kmp-default-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"product_id": "ocfs2-kmp-default-4.12.14-95.120.4.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 9",
"product": {
"name": "SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:9"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:9"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 12 SP4",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-espos:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.120.4.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.120.4.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.120.4.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-95.120.4.noarch as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-devel-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-95.120.4.noarch as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-macros-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-95.120.4.noarch as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-source-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.120.4.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-syms-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.120.4.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.120.4.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.120.4.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-95.120.4.noarch as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-devel-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-95.120.4.noarch as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-macros-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-95.120.4.noarch as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-source-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.120.4.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-syms-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x"
},
"product_reference": "cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le"
},
"product_reference": "dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x"
},
"product_reference": "dlm-kmp-default-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x"
},
"product_reference": "gfs2-kmp-default-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x"
},
"product_reference": "ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le"
},
"product_reference": "kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x"
},
"product_reference": "kernel-default-kgraft-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x"
},
"product_reference": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.120.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64"
},
"product_reference": "kernel-default-4.12.14-95.120.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.120.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-95.120.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.120.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-95.120.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-95.120.4.noarch as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-devel-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-95.120.4.noarch as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-macros-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-95.120.4.noarch as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-source-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.120.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64"
},
"product_reference": "kernel-syms-4.12.14-95.120.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-syms-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.120.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64"
},
"product_reference": "kernel-default-4.12.14-95.120.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le"
},
"product_reference": "kernel-default-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x"
},
"product_reference": "kernel-default-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.120.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-95.120.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x"
},
"product_reference": "kernel-default-base-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.120.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-95.120.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x"
},
"product_reference": "kernel-default-man-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-95.120.4.noarch as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-devel-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-95.120.4.noarch as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-macros-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-95.120.4.noarch as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-source-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.120.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64"
},
"product_reference": "kernel-syms-4.12.14-95.120.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x"
},
"product_reference": "kernel-syms-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-syms-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4203"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4203",
"url": "https://www.suse.com/security/cve/CVE-2021-4203"
},
{
"category": "external",
"summary": "SUSE Bug 1194535 for CVE-2021-4203",
"url": "https://bugzilla.suse.com/1194535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-21T12:36:10Z",
"details": "moderate"
}
],
"title": "CVE-2021-4203"
},
{
"cve": "CVE-2022-2991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2991"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2991",
"url": "https://www.suse.com/security/cve/CVE-2022-2991"
},
{
"category": "external",
"summary": "SUSE Bug 1201420 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "external",
"summary": "SUSE Bug 1203993 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1203993"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1211495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-21T12:36:10Z",
"details": "important"
}
],
"title": "CVE-2022-2991"
},
{
"cve": "CVE-2022-36280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-36280"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file \u0027/dev/dri/renderD128 (or Dxxx)\u0027. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-36280",
"url": "https://www.suse.com/security/cve/CVE-2022-36280"
},
{
"category": "external",
"summary": "SUSE Bug 1203332 for CVE-2022-36280",
"url": "https://bugzilla.suse.com/1203332"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-21T12:36:10Z",
"details": "moderate"
}
],
"title": "CVE-2022-36280"
},
{
"cve": "CVE-2022-38096",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-38096"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file \u0027/dev/dri/renderD128 (or Dxxx)\u0027. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-38096",
"url": "https://www.suse.com/security/cve/CVE-2022-38096"
},
{
"category": "external",
"summary": "SUSE Bug 1203331 for CVE-2022-38096",
"url": "https://bugzilla.suse.com/1203331"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-21T12:36:10Z",
"details": "moderate"
}
],
"title": "CVE-2022-38096"
},
{
"cve": "CVE-2022-4129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4129"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4129",
"url": "https://www.suse.com/security/cve/CVE-2022-4129"
},
{
"category": "external",
"summary": "SUSE Bug 1205711 for CVE-2022-4129",
"url": "https://bugzilla.suse.com/1205711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-21T12:36:10Z",
"details": "moderate"
}
],
"title": "CVE-2022-4129"
},
{
"cve": "CVE-2023-0045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0045"
}
],
"notes": [
{
"category": "general",
"text": "The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall. The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176.\n\nWe recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0045",
"url": "https://www.suse.com/security/cve/CVE-2023-0045"
},
{
"category": "external",
"summary": "SUSE Bug 1207773 for CVE-2023-0045",
"url": "https://bugzilla.suse.com/1207773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-21T12:36:10Z",
"details": "moderate"
}
],
"title": "CVE-2023-0045"
},
{
"cve": "CVE-2023-0590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0590"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0590",
"url": "https://www.suse.com/security/cve/CVE-2023-0590"
},
{
"category": "external",
"summary": "SUSE Bug 1207036 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207036"
},
{
"category": "external",
"summary": "SUSE Bug 1207795 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207795"
},
{
"category": "external",
"summary": "SUSE Bug 1207822 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207822"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211495"
},
{
"category": "external",
"summary": "SUSE Bug 1211833 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-21T12:36:10Z",
"details": "important"
}
],
"title": "CVE-2023-0590"
},
{
"cve": "CVE-2023-23559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-23559"
}
],
"notes": [
{
"category": "general",
"text": "In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-23559",
"url": "https://www.suse.com/security/cve/CVE-2023-23559"
},
{
"category": "external",
"summary": "SUSE Bug 1207051 for CVE-2023-23559",
"url": "https://bugzilla.suse.com/1207051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-21T12:36:10Z",
"details": "moderate"
}
],
"title": "CVE-2023-23559"
},
{
"cve": "CVE-2023-26545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-26545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-26545",
"url": "https://www.suse.com/security/cve/CVE-2023-26545"
},
{
"category": "external",
"summary": "SUSE Bug 1208700 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208700"
},
{
"category": "external",
"summary": "SUSE Bug 1208909 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1210423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-21T12:36:10Z",
"details": "important"
}
],
"title": "CVE-2023-26545"
}
]
}
SUSE-SU-2023:1574-1
Vulnerability from csaf_suse - Published: 2023-03-26 23:43 - Updated: 2023-03-26 23:43Summary
Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP4)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP4)
Description of the patch: This update for the Linux Kernel 5.14.21-150400_15_8 fixes several issues.
The following security issues were fixed:
- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).
- CVE-2023-1078: Fixed a heap out-of-bounds write in rds_rm_zerocopy_callback (bsc#1208838).
Patchnames: SUSE-2023-1574,SUSE-SLE-Module-Live-Patching-15-SP4-2023-1574
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-3-150400.2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-3-150400.2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP4)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150400_15_8 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).\n- CVE-2023-1078: Fixed a heap out-of-bounds write in rds_rm_zerocopy_callback (bsc#1208838).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-1574,SUSE-SLE-Module-Live-Patching-15-SP4-2023-1574",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_1574-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:1574-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20231574-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:1574-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-March/028374.html"
},
{
"category": "self",
"summary": "SUSE Bug 1208838",
"url": "https://bugzilla.suse.com/1208838"
},
{
"category": "self",
"summary": "SUSE Bug 1208909",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1078 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-26545 page",
"url": "https://www.suse.com/security/cve/CVE-2023-26545/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP4)",
"tracking": {
"current_release_date": "2023-03-26T23:43:08Z",
"generator": {
"date": "2023-03-26T23:43:08Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:1574-1",
"initial_release_date": "2023-03-26T23:43:08Z",
"revision_history": [
{
"date": "2023-03-26T23:43:08Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_15_8-rt-3-150400.2.3.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_15_8-rt-3-150400.2.3.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_15_8-rt-3-150400.2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_15_8-rt-3-150400.2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-3-150400.2.3.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150400_15_8-rt-3-150400.2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-1078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1078"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_info *info` actually points to something else that is potentially controlled by local user. It is known how to trigger this, which causes an out of bounds access, and a lock corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-3-150400.2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1078",
"url": "https://www.suse.com/security/cve/CVE-2023-1078"
},
{
"category": "external",
"summary": "SUSE Bug 1208601 for CVE-2023-1078",
"url": "https://bugzilla.suse.com/1208601"
},
{
"category": "external",
"summary": "SUSE Bug 1208603 for CVE-2023-1078",
"url": "https://bugzilla.suse.com/1208603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-3-150400.2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-3-150400.2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-26T23:43:08Z",
"details": "important"
}
],
"title": "CVE-2023-1078"
},
{
"cve": "CVE-2023-26545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-26545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-3-150400.2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-26545",
"url": "https://www.suse.com/security/cve/CVE-2023-26545"
},
{
"category": "external",
"summary": "SUSE Bug 1208700 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208700"
},
{
"category": "external",
"summary": "SUSE Bug 1208909 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1210423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-3-150400.2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-3-150400.2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-26T23:43:08Z",
"details": "important"
}
],
"title": "CVE-2023-26545"
}
]
}
SUSE-SU-2023:1576-1
Vulnerability from csaf_suse - Published: 2023-03-26 23:44 - Updated: 2023-03-26 23:44Summary
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP4)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP4)
Description of the patch: This update for the Linux Kernel 5.14.21-150400_15_5 fixes several issues.
The following security issues were fixed:
- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).
- CVE-2023-1078: Fixed a heap out-of-bounds write in rds_rm_zerocopy_callback (bsc#1208838).
- CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that could have been used in a use-after-free that could have resulted in a priviledge escalation to gain ring0 access from the system user (bsc#1207190).
Patchnames: SUSE-2023-1576,SUSE-SLE-Module-Live-Patching-15-SP4-2023-1576
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-4-150400.2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-4-150400.2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-4-150400.2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
21 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP4)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150400_15_5 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).\n- CVE-2023-1078: Fixed a heap out-of-bounds write in rds_rm_zerocopy_callback (bsc#1208838).\n- CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that could have been used in a use-after-free that could have resulted in a priviledge escalation to gain ring0 access from the system user (bsc#1207190).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-1576,SUSE-SLE-Module-Live-Patching-15-SP4-2023-1576",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_1576-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:1576-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20231576-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:1576-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/014162.html"
},
{
"category": "self",
"summary": "SUSE Bug 1207190",
"url": "https://bugzilla.suse.com/1207190"
},
{
"category": "self",
"summary": "SUSE Bug 1208838",
"url": "https://bugzilla.suse.com/1208838"
},
{
"category": "self",
"summary": "SUSE Bug 1208909",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0266 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0266/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1078 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-26545 page",
"url": "https://www.suse.com/security/cve/CVE-2023-26545/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP4)",
"tracking": {
"current_release_date": "2023-03-26T23:44:01Z",
"generator": {
"date": "2023-03-26T23:44:01Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:1576-1",
"initial_release_date": "2023-03-26T23:44:01Z",
"revision_history": [
{
"date": "2023-03-26T23:44:01Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_15_5-rt-4-150400.2.3.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_15_5-rt-4-150400.2.3.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_15_5-rt-4-150400.2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_15_5-rt-4-150400.2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-4-150400.2.3.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150400_15_5-rt-4-150400.2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-0266",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0266"
}
],
"notes": [
{
"category": "general",
"text": "A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-4-150400.2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0266",
"url": "https://www.suse.com/security/cve/CVE-2023-0266"
},
{
"category": "external",
"summary": "SUSE Bug 1207134 for CVE-2023-0266",
"url": "https://bugzilla.suse.com/1207134"
},
{
"category": "external",
"summary": "SUSE Bug 1207190 for CVE-2023-0266",
"url": "https://bugzilla.suse.com/1207190"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-0266",
"url": "https://bugzilla.suse.com/1214128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-4-150400.2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-4-150400.2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-26T23:44:01Z",
"details": "important"
}
],
"title": "CVE-2023-0266"
},
{
"cve": "CVE-2023-1078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1078"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_info *info` actually points to something else that is potentially controlled by local user. It is known how to trigger this, which causes an out of bounds access, and a lock corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-4-150400.2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1078",
"url": "https://www.suse.com/security/cve/CVE-2023-1078"
},
{
"category": "external",
"summary": "SUSE Bug 1208601 for CVE-2023-1078",
"url": "https://bugzilla.suse.com/1208601"
},
{
"category": "external",
"summary": "SUSE Bug 1208603 for CVE-2023-1078",
"url": "https://bugzilla.suse.com/1208603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-4-150400.2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-4-150400.2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-26T23:44:01Z",
"details": "important"
}
],
"title": "CVE-2023-1078"
},
{
"cve": "CVE-2023-26545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-26545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-4-150400.2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-26545",
"url": "https://www.suse.com/security/cve/CVE-2023-26545"
},
{
"category": "external",
"summary": "SUSE Bug 1208700 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208700"
},
{
"category": "external",
"summary": "SUSE Bug 1208909 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1210423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-4-150400.2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-4-150400.2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-26T23:44:01Z",
"details": "important"
}
],
"title": "CVE-2023-26545"
}
]
}
SUSE-SU-2023:1579-1
Vulnerability from csaf_suse - Published: 2023-03-27 07:06 - Updated: 2023-03-27 07:06Summary
Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP1)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP1)
Description of the patch: This update for the Linux Kernel 4.12.14-150100_197_123 fixes one issue.
The following security issue was fixed:
- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208909).
Patchnames: SUSE-2023-1579,SUSE-SLE-Module-Live-Patching-15-SP1-2023-1579
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
10 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP1)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-150100_197_123 fixes one issue.\n\nThe following security issue was fixed:\n\n- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208909).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-1579,SUSE-SLE-Module-Live-Patching-15-SP1-2023-1579",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_1579-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:1579-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20231579-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:1579-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/014161.html"
},
{
"category": "self",
"summary": "SUSE Bug 1208909",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-26545 page",
"url": "https://www.suse.com/security/cve/CVE-2023-26545/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP1)",
"tracking": {
"current_release_date": "2023-03-27T07:06:07Z",
"generator": {
"date": "2023-03-27T07:06:07Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:1579-1",
"initial_release_date": "2023-03-27T07:06:07Z",
"revision_history": [
{
"date": "2023-03-27T07:06:07Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.ppc64le",
"product_id": "kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.x86_64",
"product_id": "kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-26545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-26545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-26545",
"url": "https://www.suse.com/security/cve/CVE-2023-26545"
},
{
"category": "external",
"summary": "SUSE Bug 1208700 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208700"
},
{
"category": "external",
"summary": "SUSE Bug 1208909 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1210423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-5-150100.2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-27T07:06:07Z",
"details": "important"
}
],
"title": "CVE-2023-26545"
}
]
}
SUSE-SU-2023:1588-1
Vulnerability from csaf_suse - Published: 2023-03-27 13:04 - Updated: 2023-03-27 13:04Summary
Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP1)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP1)
Description of the patch: This update for the Linux Kernel 4.12.14-150100_197_111 fixes one issue.
The following security issue was fixed:
- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208909).
Patchnames: SUSE-2023-1588,SUSE-SLE-Module-Live-Patching-15-SP1-2023-1588
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
10 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP1)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-150100_197_111 fixes one issue.\n\nThe following security issue was fixed:\n\n- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208909).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-1588,SUSE-SLE-Module-Live-Patching-15-SP1-2023-1588",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_1588-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:1588-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20231588-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:1588-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/014174.html"
},
{
"category": "self",
"summary": "SUSE Bug 1208909",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-26545 page",
"url": "https://www.suse.com/security/cve/CVE-2023-26545/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP1)",
"tracking": {
"current_release_date": "2023-03-27T13:04:44Z",
"generator": {
"date": "2023-03-27T13:04:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:1588-1",
"initial_release_date": "2023-03-27T13:04:44Z",
"revision_history": [
{
"date": "2023-03-27T13:04:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.ppc64le",
"product_id": "kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.x86_64",
"product_id": "kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-26545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-26545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-26545",
"url": "https://www.suse.com/security/cve/CVE-2023-26545"
},
{
"category": "external",
"summary": "SUSE Bug 1208700 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208700"
},
{
"category": "external",
"summary": "SUSE Bug 1208909 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1210423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-13-150100.2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-27T13:04:44Z",
"details": "important"
}
],
"title": "CVE-2023-26545"
}
]
}
SUSE-SU-2023:1591-1
Vulnerability from csaf_suse - Published: 2023-03-27 15:38 - Updated: 2023-03-27 15:38Summary
Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP3)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP3)
Description of the patch: This update for the Linux Kernel 5.3.18-150300_59_106 fixes several issues.
The following security issues were fixed:
- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).
- CVE-2023-1078: Fixed a heap out-of-bounds write in rds_rm_zerocopy_callback (bsc#1208838).
- CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that could have been used in a use-after-free that could have resulted in a priviledge escalation to gain ring0 access from the system user (bsc#1207190).
Patchnames: SUSE-2023-1591,SUSE-SLE-Module-Live-Patching-15-SP3-2023-1591
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
21 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150300_59_106 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).\n- CVE-2023-1078: Fixed a heap out-of-bounds write in rds_rm_zerocopy_callback (bsc#1208838).\n- CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that could have been used in a use-after-free that could have resulted in a priviledge escalation to gain ring0 access from the system user (bsc#1207190).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-1591,SUSE-SLE-Module-Live-Patching-15-SP3-2023-1591",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_1591-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:1591-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20231591-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:1591-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/014173.html"
},
{
"category": "self",
"summary": "SUSE Bug 1207190",
"url": "https://bugzilla.suse.com/1207190"
},
{
"category": "self",
"summary": "SUSE Bug 1208838",
"url": "https://bugzilla.suse.com/1208838"
},
{
"category": "self",
"summary": "SUSE Bug 1208909",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0266 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0266/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1078 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-26545 page",
"url": "https://www.suse.com/security/cve/CVE-2023-26545/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP3)",
"tracking": {
"current_release_date": "2023-03-27T15:38:10Z",
"generator": {
"date": "2023-03-27T15:38:10Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:1591-1",
"initial_release_date": "2023-03-27T15:38:10Z",
"revision_history": [
{
"date": "2023-03-27T15:38:10Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_106-preempt-3-150300.2.3.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_106-preempt-3-150300.2.3.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_106-preempt-3-150300.2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-0266",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0266"
}
],
"notes": [
{
"category": "general",
"text": "A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0266",
"url": "https://www.suse.com/security/cve/CVE-2023-0266"
},
{
"category": "external",
"summary": "SUSE Bug 1207134 for CVE-2023-0266",
"url": "https://bugzilla.suse.com/1207134"
},
{
"category": "external",
"summary": "SUSE Bug 1207190 for CVE-2023-0266",
"url": "https://bugzilla.suse.com/1207190"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-0266",
"url": "https://bugzilla.suse.com/1214128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-27T15:38:10Z",
"details": "important"
}
],
"title": "CVE-2023-0266"
},
{
"cve": "CVE-2023-1078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1078"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_info *info` actually points to something else that is potentially controlled by local user. It is known how to trigger this, which causes an out of bounds access, and a lock corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1078",
"url": "https://www.suse.com/security/cve/CVE-2023-1078"
},
{
"category": "external",
"summary": "SUSE Bug 1208601 for CVE-2023-1078",
"url": "https://bugzilla.suse.com/1208601"
},
{
"category": "external",
"summary": "SUSE Bug 1208603 for CVE-2023-1078",
"url": "https://bugzilla.suse.com/1208603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-27T15:38:10Z",
"details": "important"
}
],
"title": "CVE-2023-1078"
},
{
"cve": "CVE-2023-26545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-26545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-26545",
"url": "https://www.suse.com/security/cve/CVE-2023-26545"
},
{
"category": "external",
"summary": "SUSE Bug 1208700 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208700"
},
{
"category": "external",
"summary": "SUSE Bug 1208909 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1210423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_106-default-3-150300.2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-27T15:38:10Z",
"details": "important"
}
],
"title": "CVE-2023-26545"
}
]
}
SUSE-SU-2023:1592-1
Vulnerability from csaf_suse - Published: 2023-03-27 17:33 - Updated: 2023-03-27 17:33Summary
Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP2)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP2)
Description of the patch: This update for the Linux Kernel 5.3.18-150200_24_112 fixes several issues.
The following security issues were fixed:
- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208909).
- CVE-2023-1078: Fixed a heap out-of-bounds write in rds_rm_zerocopy_callback (bsc#1208838).
- CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that could have been used in a use-after-free that could have resulted in a priviledge escalation to gain ring0 access from the system user (bsc#1207190).
Patchnames: SUSE-2023-1592,SUSE-SLE-Module-Live-Patching-15-SP2-2023-1592
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
21 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP2)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150200_24_112 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208909).\n- CVE-2023-1078: Fixed a heap out-of-bounds write in rds_rm_zerocopy_callback (bsc#1208838).\n- CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that could have been used in a use-after-free that could have resulted in a priviledge escalation to gain ring0 access from the system user (bsc#1207190).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-1592,SUSE-SLE-Module-Live-Patching-15-SP2-2023-1592",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_1592-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:1592-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20231592-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:1592-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/014175.html"
},
{
"category": "self",
"summary": "SUSE Bug 1207190",
"url": "https://bugzilla.suse.com/1207190"
},
{
"category": "self",
"summary": "SUSE Bug 1208838",
"url": "https://bugzilla.suse.com/1208838"
},
{
"category": "self",
"summary": "SUSE Bug 1208909",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0266 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0266/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1078 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-26545 page",
"url": "https://www.suse.com/security/cve/CVE-2023-26545/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP2)",
"tracking": {
"current_release_date": "2023-03-27T17:33:54Z",
"generator": {
"date": "2023-03-27T17:33:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:1592-1",
"initial_release_date": "2023-03-27T17:33:54Z",
"revision_history": [
{
"date": "2023-03-27T17:33:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.s390x",
"product_id": "kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.x86_64",
"product_id": "kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_112-preempt-14-150200.2.3.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_112-preempt-14-150200.2.3.x86_64",
"product_id": "kernel-livepatch-5_3_18-150200_24_112-preempt-14-150200.2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-0266",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0266"
}
],
"notes": [
{
"category": "general",
"text": "A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0266",
"url": "https://www.suse.com/security/cve/CVE-2023-0266"
},
{
"category": "external",
"summary": "SUSE Bug 1207134 for CVE-2023-0266",
"url": "https://bugzilla.suse.com/1207134"
},
{
"category": "external",
"summary": "SUSE Bug 1207190 for CVE-2023-0266",
"url": "https://bugzilla.suse.com/1207190"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-0266",
"url": "https://bugzilla.suse.com/1214128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-27T17:33:54Z",
"details": "important"
}
],
"title": "CVE-2023-0266"
},
{
"cve": "CVE-2023-1078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1078"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_info *info` actually points to something else that is potentially controlled by local user. It is known how to trigger this, which causes an out of bounds access, and a lock corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1078",
"url": "https://www.suse.com/security/cve/CVE-2023-1078"
},
{
"category": "external",
"summary": "SUSE Bug 1208601 for CVE-2023-1078",
"url": "https://bugzilla.suse.com/1208601"
},
{
"category": "external",
"summary": "SUSE Bug 1208603 for CVE-2023-1078",
"url": "https://bugzilla.suse.com/1208603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-27T17:33:54Z",
"details": "important"
}
],
"title": "CVE-2023-1078"
},
{
"cve": "CVE-2023-26545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-26545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-26545",
"url": "https://www.suse.com/security/cve/CVE-2023-26545"
},
{
"category": "external",
"summary": "SUSE Bug 1208700 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208700"
},
{
"category": "external",
"summary": "SUSE Bug 1208909 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1210423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-14-150200.2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-27T17:33:54Z",
"details": "important"
}
],
"title": "CVE-2023-26545"
}
]
}
SUSE-SU-2023:1595-1
Vulnerability from csaf_suse - Published: 2023-03-28 07:34 - Updated: 2023-03-28 07:34Summary
Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP3)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP3)
Description of the patch: This update for the Linux Kernel 5.3.18-150300_59_60 fixes several issues.
The following security issues were fixed:
- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).
- CVE-2023-1078: Fixed a heap out-of-bounds write in rds_rm_zerocopy_callback (bsc#1208838).
- CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that could have been used in a use-after-free that could have resulted in a priviledge escalation to gain ring0 access from the system user (bsc#1207190).
Patchnames: SUSE-2023-1595,SUSE-SLE-Module-Live-Patching-15-SP2-2023-1606,SUSE-SLE-Module-Live-Patching-15-SP3-2023-1611
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
21 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150300_59_60 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).\n- CVE-2023-1078: Fixed a heap out-of-bounds write in rds_rm_zerocopy_callback (bsc#1208838).\n- CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that could have been used in a use-after-free that could have resulted in a priviledge escalation to gain ring0 access from the system user (bsc#1207190).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-1595,SUSE-SLE-Module-Live-Patching-15-SP2-2023-1606,SUSE-SLE-Module-Live-Patching-15-SP3-2023-1611",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_1595-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:1595-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20231595-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:1595-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/014201.html"
},
{
"category": "self",
"summary": "SUSE Bug 1207190",
"url": "https://bugzilla.suse.com/1207190"
},
{
"category": "self",
"summary": "SUSE Bug 1208838",
"url": "https://bugzilla.suse.com/1208838"
},
{
"category": "self",
"summary": "SUSE Bug 1208909",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0266 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0266/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1078 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-26545 page",
"url": "https://www.suse.com/security/cve/CVE-2023-26545/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP3)",
"tracking": {
"current_release_date": "2023-03-28T07:34:06Z",
"generator": {
"date": "2023-03-28T07:34:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:1595-1",
"initial_release_date": "2023-03-28T07:34:06Z",
"revision_history": [
{
"date": "2023-03-28T07:34:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_101-default-5-150300.2.3.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_101-default-5-150300.2.3.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_101-default-5-150300.2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_101-default-5-150300.2.3.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_101-default-5-150300.2.3.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_101-default-5-150300.2.3.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.s390x",
"product_id": "kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_101-default-5-150300.2.3.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_101-default-5-150300.2.3.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_101-default-5-150300.2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_101-preempt-5-150300.2.3.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_101-preempt-5-150300.2.3.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_101-preempt-5-150300.2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.x86_64",
"product_id": "kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-0266",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0266"
}
],
"notes": [
{
"category": "general",
"text": "A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0266",
"url": "https://www.suse.com/security/cve/CVE-2023-0266"
},
{
"category": "external",
"summary": "SUSE Bug 1207134 for CVE-2023-0266",
"url": "https://bugzilla.suse.com/1207134"
},
{
"category": "external",
"summary": "SUSE Bug 1207190 for CVE-2023-0266",
"url": "https://bugzilla.suse.com/1207190"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-0266",
"url": "https://bugzilla.suse.com/1214128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-28T07:34:06Z",
"details": "important"
}
],
"title": "CVE-2023-0266"
},
{
"cve": "CVE-2023-1078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1078"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_info *info` actually points to something else that is potentially controlled by local user. It is known how to trigger this, which causes an out of bounds access, and a lock corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1078",
"url": "https://www.suse.com/security/cve/CVE-2023-1078"
},
{
"category": "external",
"summary": "SUSE Bug 1208601 for CVE-2023-1078",
"url": "https://bugzilla.suse.com/1208601"
},
{
"category": "external",
"summary": "SUSE Bug 1208603 for CVE-2023-1078",
"url": "https://bugzilla.suse.com/1208603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-28T07:34:06Z",
"details": "important"
}
],
"title": "CVE-2023-1078"
},
{
"cve": "CVE-2023-26545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-26545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-26545",
"url": "https://www.suse.com/security/cve/CVE-2023-26545"
},
{
"category": "external",
"summary": "SUSE Bug 1208700 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208700"
},
{
"category": "external",
"summary": "SUSE Bug 1208909 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1210423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_139-default-3-150200.2.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-17-150300.2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-28T07:34:06Z",
"details": "important"
}
],
"title": "CVE-2023-26545"
}
]
}
SUSE-SU-2023:1599-1
Vulnerability from csaf_suse - Published: 2023-03-28 04:33 - Updated: 2023-03-28 04:33Summary
Security update for the Linux Kernel (Live Patch 37 for SLE 15 SP1)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 37 for SLE 15 SP1)
Description of the patch: This update for the Linux Kernel 4.12.14-150100_197_134 fixes one issue.
The following security issue was fixed:
- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208909).
Patchnames: SUSE-2023-1599,SUSE-SLE-Live-Patching-12-SP4-2023-1601,SUSE-SLE-Live-Patching-12-SP5-2023-1603,SUSE-SLE-Module-Live-Patching-15-SP1-2023-1599
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_114-default-3-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_114-default-3-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_114-default-3-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-2-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-2-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-2-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
10 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 37 for SLE 15 SP1)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-150100_197_134 fixes one issue.\n\nThe following security issue was fixed:\n\n- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208909).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-1599,SUSE-SLE-Live-Patching-12-SP4-2023-1601,SUSE-SLE-Live-Patching-12-SP5-2023-1603,SUSE-SLE-Module-Live-Patching-15-SP1-2023-1599",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_1599-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:1599-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20231599-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:1599-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/014200.html"
},
{
"category": "self",
"summary": "SUSE Bug 1208909",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-26545 page",
"url": "https://www.suse.com/security/cve/CVE-2023-26545/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 37 for SLE 15 SP1)",
"tracking": {
"current_release_date": "2023-03-28T04:33:58Z",
"generator": {
"date": "2023-03-28T04:33:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:1599-1",
"initial_release_date": "2023-03-28T04:33:58Z",
"revision_history": [
{
"date": "2023-03-28T04:33:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.ppc64le",
"product_id": "kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_114-default-3-2.3.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-95_114-default-3-2.3.ppc64le",
"product_id": "kgraft-patch-4_12_14-95_114-default-3-2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_150-default-2-2.3.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_150-default-2-2.3.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_150-default-2-2.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_114-default-3-2.3.s390x",
"product": {
"name": "kgraft-patch-4_12_14-95_114-default-3-2.3.s390x",
"product_id": "kgraft-patch-4_12_14-95_114-default-3-2.3.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_150-default-2-2.3.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_150-default-2-2.3.s390x",
"product_id": "kgraft-patch-4_12_14-122_150-default-2-2.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.x86_64",
"product_id": "kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_114-default-3-2.3.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-95_114-default-3-2.3.x86_64",
"product_id": "kgraft-patch-4_12_14-95_114-default-3-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_150-default-2-2.3.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_150-default-2-2.3.x86_64",
"product_id": "kgraft-patch-4_12_14-122_150-default-2-2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_114-default-3-2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_114-default-3-2.3.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_114-default-3-2.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_114-default-3-2.3.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_114-default-3-2.3.s390x"
},
"product_reference": "kgraft-patch-4_12_14-95_114-default-3-2.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_114-default-3-2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_114-default-3-2.3.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_114-default-3-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_150-default-2-2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-2-2.3.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_150-default-2-2.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_150-default-2-2.3.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-2-2.3.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_150-default-2-2.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_150-default-2-2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-2-2.3.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_150-default-2-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-26545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-26545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_114-default-3-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_114-default-3-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_114-default-3-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-2-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-2-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-2-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-26545",
"url": "https://www.suse.com/security/cve/CVE-2023-26545"
},
{
"category": "external",
"summary": "SUSE Bug 1208700 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208700"
},
{
"category": "external",
"summary": "SUSE Bug 1208909 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1210423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_114-default-3-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_114-default-3-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_114-default-3-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-2-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-2-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-2-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_114-default-3-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_114-default-3-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_114-default-3-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-2-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-2-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-2-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_134-default-2-150100.2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-28T04:33:58Z",
"details": "important"
}
],
"title": "CVE-2023-26545"
}
]
}
SUSE-SU-2023:1602-1
Vulnerability from csaf_suse - Published: 2023-03-28 05:05 - Updated: 2023-03-28 05:05Summary
Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP5)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP5)
Description of the patch: This update for the Linux Kernel 4.12.14-122_130 fixes several issues.
The following security issues were fixed:
- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208909).
- CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that could have been used in a use-after-free that could have resulted in a priviledge escalation to gain ring0 access from the system user (bsc#1207190).
Patchnames: SUSE-2023-1602,SUSE-SLE-Live-Patching-12-SP5-2023-1602
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
16 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-122_130 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208909).\n- CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that could have been used in a use-after-free that could have resulted in a priviledge escalation to gain ring0 access from the system user (bsc#1207190).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-1602,SUSE-SLE-Live-Patching-12-SP5-2023-1602",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_1602-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:1602-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20231602-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:1602-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/014199.html"
},
{
"category": "self",
"summary": "SUSE Bug 1207190",
"url": "https://bugzilla.suse.com/1207190"
},
{
"category": "self",
"summary": "SUSE Bug 1208909",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0266 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0266/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-26545 page",
"url": "https://www.suse.com/security/cve/CVE-2023-26545/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP5)",
"tracking": {
"current_release_date": "2023-03-28T05:05:56Z",
"generator": {
"date": "2023-03-28T05:05:56Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:1602-1",
"initial_release_date": "2023-03-28T05:05:56Z",
"revision_history": [
{
"date": "2023-03-28T05:05:56Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_130-default-8-2.3.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_130-default-8-2.3.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_130-default-8-2.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_130-default-8-2.3.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_130-default-8-2.3.s390x",
"product_id": "kgraft-patch-4_12_14-122_130-default-8-2.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_130-default-8-2.3.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_130-default-8-2.3.x86_64",
"product_id": "kgraft-patch-4_12_14-122_130-default-8-2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_130-default-8-2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_130-default-8-2.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_130-default-8-2.3.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_130-default-8-2.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_130-default-8-2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_130-default-8-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-0266",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0266"
}
],
"notes": [
{
"category": "general",
"text": "A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0266",
"url": "https://www.suse.com/security/cve/CVE-2023-0266"
},
{
"category": "external",
"summary": "SUSE Bug 1207134 for CVE-2023-0266",
"url": "https://bugzilla.suse.com/1207134"
},
{
"category": "external",
"summary": "SUSE Bug 1207190 for CVE-2023-0266",
"url": "https://bugzilla.suse.com/1207190"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-0266",
"url": "https://bugzilla.suse.com/1214128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-28T05:05:56Z",
"details": "important"
}
],
"title": "CVE-2023-0266"
},
{
"cve": "CVE-2023-26545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-26545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-26545",
"url": "https://www.suse.com/security/cve/CVE-2023-26545"
},
{
"category": "external",
"summary": "SUSE Bug 1208700 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208700"
},
{
"category": "external",
"summary": "SUSE Bug 1208909 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1210423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-8-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-28T05:05:56Z",
"details": "important"
}
],
"title": "CVE-2023-26545"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…